From d22ed1fd9c20b733d9b792c47d7e9fb13ac6e975 Mon Sep 17 00:00:00 2001 From: Samuel Karp Date: Sun, 17 Aug 2025 12:00:05 -0700 Subject: [PATCH] upgrade runtime-spec to 1.3.0 https://github.com/opencontainers/runtime-spec/pull/1286 added FreeBSD support --- NOTICE | 4 +- cmd/runj/create.go | 16 +- cmd/runj/delete.go | 2 +- cmd/runj/demo.go | 12 +- cmd/runj/ext_exec.go | 2 +- go.mod | 2 +- go.sum | 4 +- hook/hook.go | 2 +- jail/mount.go | 2 +- oci/config.go | 27 ++-- oci/config_test.go | 12 +- runtimespec/config.go | 231 +-------------------------- test/integration/inside_test.go | 4 +- test/integration/integ_hooks_test.go | 2 +- test/integration/integ_main_test.go | 26 +-- test/integration/integ_net_test.go | 15 +- test/integration/integ_test.go | 17 +- 17 files changed, 75 insertions(+), 305 deletions(-) diff --git a/NOTICE b/NOTICE index 765cc81..6e4f8e1 100644 --- a/NOTICE +++ b/NOTICE @@ -3326,8 +3326,8 @@ SOFTWARE. ## github.com/opencontainers/runtime-spec/specs-go * Name: github.com/opencontainers/runtime-spec/specs-go -* Version: v1.2.1 -* License: [Apache-2.0](https://github.com/opencontainers/runtime-spec/blob/v1.2.1/LICENSE) +* Version: v1.3.0 +* License: [Apache-2.0](https://github.com/opencontainers/runtime-spec/blob/v1.3.0/LICENSE) ``` diff --git a/cmd/runj/create.go b/cmd/runj/create.go index 6f2009f..56f6c8f 100644 --- a/cmd/runj/create.go +++ b/cmd/runj/create.go @@ -8,10 +8,10 @@ import ( "path/filepath" "strconv" + runtimespec "github.com/opencontainers/runtime-spec/specs-go" "go.sbk.wtf/runj/hook" "go.sbk.wtf/runj/jail" "go.sbk.wtf/runj/oci" - "go.sbk.wtf/runj/runtimespec" "go.sbk.wtf/runj/state" "github.com/spf13/cobra" @@ -167,15 +167,11 @@ written`) Root: rootPath, Hostname: ociConfig.Hostname, } - if ociConfig.FreeBSD != nil && ociConfig.FreeBSD.Network != nil { - if ociConfig.FreeBSD.Network.IPv4 != nil { - jailcfg.IP4 = string(ociConfig.FreeBSD.Network.IPv4.Mode) - jailcfg.IP4Addr = ociConfig.FreeBSD.Network.IPv4.Addr - } - if ociConfig.FreeBSD.Network.VNet != nil { - jailcfg.VNet = string(ociConfig.FreeBSD.Network.VNet.Mode) - jailcfg.VNetInterface = ociConfig.FreeBSD.Network.VNet.Interfaces - } + if ociConfig.FreeBSD != nil && ociConfig.FreeBSD.Jail != nil { + jailcfg.IP4 = string(ociConfig.FreeBSD.Jail.Ip4) + jailcfg.IP4Addr = ociConfig.FreeBSD.Jail.Ip4Addr + jailcfg.VNet = string(ociConfig.FreeBSD.Jail.Vnet) + jailcfg.VNetInterface = ociConfig.FreeBSD.Jail.VnetInterfaces } var confPath string diff --git a/cmd/runj/delete.go b/cmd/runj/delete.go index a8beb85..966cc9b 100644 --- a/cmd/runj/delete.go +++ b/cmd/runj/delete.go @@ -4,10 +4,10 @@ import ( "errors" "fmt" + runtimespec "github.com/opencontainers/runtime-spec/specs-go" "go.sbk.wtf/runj/hook" "go.sbk.wtf/runj/jail" "go.sbk.wtf/runj/oci" - "go.sbk.wtf/runj/runtimespec" "go.sbk.wtf/runj/state" "github.com/spf13/cobra" diff --git a/cmd/runj/demo.go b/cmd/runj/demo.go index dadbb6d..e124434 100644 --- a/cmd/runj/demo.go +++ b/cmd/runj/demo.go @@ -8,13 +8,11 @@ import ( "os" "path/filepath" - "go.sbk.wtf/runj/oci" - - "go.sbk.wtf/runj/runtimespec" - "go.sbk.wtf/runj/demo" + "go.sbk.wtf/runj/oci" pb "github.com/cheggaaa/pb/v3" + runtimespec "github.com/opencontainers/runtime-spec/specs-go" "github.com/spf13/cobra" ) @@ -180,10 +178,8 @@ func exampleSpec() *runtimespec.Spec { Options: []string{"ruleset=4"}, }}, FreeBSD: &runtimespec.FreeBSD{ - Network: &runtimespec.FreeBSDNetwork{ - IPv4: &runtimespec.FreeBSDIPv4{ - Mode: runtimespec.FreeBSDIPv4ModeInherit, - }, + Jail: &runtimespec.FreeBSDJail{ + Ip4: runtimespec.FreeBSDShareInherit, }, }, } diff --git a/cmd/runj/ext_exec.go b/cmd/runj/ext_exec.go index 55a3030..bf843b4 100644 --- a/cmd/runj/ext_exec.go +++ b/cmd/runj/ext_exec.go @@ -6,10 +6,10 @@ import ( "fmt" "os" + runtimespec "github.com/opencontainers/runtime-spec/specs-go" "github.com/spf13/cobra" "go.sbk.wtf/runj/jail" "go.sbk.wtf/runj/oci" - "go.sbk.wtf/runj/runtimespec" "go.sbk.wtf/runj/state" ) diff --git a/go.mod b/go.mod index 3d2f2f7..653d26f 100644 --- a/go.mod +++ b/go.mod @@ -16,7 +16,7 @@ require ( github.com/moby/sys/mount v0.3.4 github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.1 - github.com/opencontainers/runtime-spec v1.2.1 + github.com/opencontainers/runtime-spec v1.3.0 github.com/sirupsen/logrus v1.9.3 github.com/spf13/cobra v1.9.1 github.com/stretchr/testify v1.10.0 diff --git a/go.sum b/go.sum index 47ec1e0..206b155 100644 --- a/go.sum +++ b/go.sum @@ -544,8 +544,8 @@ github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.m github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-spec v1.2.1 h1:S4k4ryNgEpxW1dzyqffOmhI1BHYcjzU8lpJfSlR0xww= -github.com/opencontainers/runtime-spec v1.2.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/runtime-spec v1.3.0 h1:YZupQUdctfhpZy3TM39nN9Ika5CBWT5diQ8ibYCRkxg= +github.com/opencontainers/runtime-spec v1.3.0/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs= github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= diff --git a/hook/hook.go b/hook/hook.go index abfa4f1..dd1c5df 100644 --- a/hook/hook.go +++ b/hook/hook.go @@ -9,7 +9,7 @@ import ( "os/exec" "time" - "go.sbk.wtf/runj/runtimespec" + runtimespec "github.com/opencontainers/runtime-spec/specs-go" "go.sbk.wtf/runj/state" ) diff --git a/jail/mount.go b/jail/mount.go index 26b5313..cf97aad 100644 --- a/jail/mount.go +++ b/jail/mount.go @@ -6,7 +6,7 @@ import ( "github.com/containerd/containerd/mount" - "go.sbk.wtf/runj/runtimespec" + runtimespec "github.com/opencontainers/runtime-spec/specs-go" ) // Mount mounts the mounts diff --git a/oci/config.go b/oci/config.go index b728021..9ea7efd 100644 --- a/oci/config.go +++ b/oci/config.go @@ -5,8 +5,9 @@ import ( "os" "path/filepath" + runtimespec "github.com/opencontainers/runtime-spec/specs-go" "go.sbk.wtf/runj/internal/util" - "go.sbk.wtf/runj/runtimespec" + runjspec "go.sbk.wtf/runj/runtimespec" "go.sbk.wtf/runj/state" ) @@ -58,7 +59,7 @@ func LoadConfig(id string) (*runtimespec.Spec, error) { if err != nil { return nil, err } - freebsd := &runtimespec.FreeBSD{} + freebsd := &runjspec.FreeBSD{} err = json.Unmarshal(extData, freebsd) if err != nil { return nil, err @@ -72,37 +73,31 @@ func LoadConfig(id string) (*runtimespec.Spec, error) { // together. Fields specified in the original spec are preserved except in the // case where they are overwritten. Slices the FreeBSD section are appended to // slices specified in the original spec. -func merge(spec *runtimespec.Spec, freebsd *runtimespec.FreeBSD) { +func merge(spec *runtimespec.Spec, freebsd *runjspec.FreeBSD) { if spec == nil || freebsd == nil { return } if spec.FreeBSD == nil { spec.FreeBSD = &runtimespec.FreeBSD{} } + if spec.FreeBSD.Jail == nil { + spec.FreeBSD.Jail = &runtimespec.FreeBSDJail{} + } if freebsd.Network != nil { - if spec.FreeBSD.Network == nil { - spec.FreeBSD.Network = &runtimespec.FreeBSDNetwork{} - } if freebsd.Network.IPv4 != nil { - if spec.FreeBSD.Network.IPv4 == nil { - spec.FreeBSD.Network.IPv4 = &runtimespec.FreeBSDIPv4{} - } if freebsd.Network.IPv4.Mode != "" { - spec.FreeBSD.Network.IPv4.Mode = freebsd.Network.IPv4.Mode + spec.FreeBSD.Jail.Ip4 = runtimespec.FreeBSDSharing(freebsd.Network.IPv4.Mode) } if len(freebsd.Network.IPv4.Addr) > 0 { - spec.FreeBSD.Network.IPv4.Addr = append(spec.FreeBSD.Network.IPv4.Addr, freebsd.Network.IPv4.Addr...) + spec.FreeBSD.Jail.Ip4Addr = append(spec.FreeBSD.Jail.Ip4Addr, freebsd.Network.IPv4.Addr...) } } if freebsd.Network.VNet != nil { - if spec.FreeBSD.Network.VNet == nil { - spec.FreeBSD.Network.VNet = &runtimespec.FreeBSDVNet{} - } if freebsd.Network.VNet.Mode != "" { - spec.FreeBSD.Network.VNet.Mode = freebsd.Network.VNet.Mode + spec.FreeBSD.Jail.Vnet = runtimespec.FreeBSDSharing(freebsd.Network.VNet.Mode) } if len(freebsd.Network.VNet.Interfaces) > 0 { - spec.FreeBSD.Network.VNet.Interfaces = append(spec.FreeBSD.Network.VNet.Interfaces, freebsd.Network.VNet.Interfaces...) + spec.FreeBSD.Jail.VnetInterfaces = append(spec.FreeBSD.Jail.VnetInterfaces, freebsd.Network.VNet.Interfaces...) } } } diff --git a/oci/config_test.go b/oci/config_test.go index 063a7c6..e5d90c5 100644 --- a/oci/config_test.go +++ b/oci/config_test.go @@ -4,17 +4,21 @@ import ( "testing" "github.com/go-faker/faker/v4" - - "go.sbk.wtf/runj/runtimespec" + runtimespec "github.com/opencontainers/runtime-spec/specs-go" "gotest.tools/v3/assert" + + runjspec "go.sbk.wtf/runj/runtimespec" ) func TestMergeEmpty(t *testing.T) { spec := &runtimespec.Spec{} - freebsd := &runtimespec.FreeBSD{} + freebsd := &runjspec.FreeBSD{} err := faker.FakeData(freebsd) assert.NilError(t, err) merge(spec, freebsd) - assert.DeepEqual(t, freebsd, spec.FreeBSD) + assert.Equal(t, string(spec.FreeBSD.Jail.Vnet), string(freebsd.Network.VNet.Mode)) + assert.DeepEqual(t, spec.FreeBSD.Jail.VnetInterfaces, freebsd.Network.VNet.Interfaces) + assert.Equal(t, string(spec.FreeBSD.Jail.Ip4), string(freebsd.Network.IPv4.Mode)) + assert.DeepEqual(t, spec.FreeBSD.Jail.Ip4Addr, freebsd.Network.IPv4.Addr) } diff --git a/runtimespec/config.go b/runtimespec/config.go index bd73439..3b4f8c9 100644 --- a/runtimespec/config.go +++ b/runtimespec/config.go @@ -1,186 +1,15 @@ /* -This file is adapted from +This file previously contained code from https://github.com/opencontainers/runtime-spec/blob/e6143ca7d51d11b9ab01cf4bc39e73e744241a1b/specs-go/config.go, retrieved October 28, 2020. -Copyright 2015 The Linux Foundation. -Copyright 2020 Samuel Karp. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 +It now only contains original code. -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. +Copyright 2020 Samuel Karp. */ package runtimespec -// Spec is the base configuration for the container. -type Spec struct { - // Version of the Open Container Initiative Runtime Specification with which the bundle complies. - Version string `json:"ociVersion"` - // Process configures the container process. - Process *Process `json:"process,omitempty"` - // Root configures the container's root filesystem. - Root *Root `json:"root,omitempty"` - - // Hostname configures the container's hostname. - Hostname string `json:"hostname,omitempty"` - - // Mounts configures additional mounts (on top of Root). - Mounts []Mount `json:"mounts,omitempty"` - - // Hooks configures callbacks for container lifecycle events. - Hooks *Hooks `json:"hooks,omitempty"` - - // Annotations contains arbitrary metadata for the container. - Annotations map[string]string `json:"annotations,omitempty"` - - // Modification by Samuel Karp - FreeBSD *FreeBSD `json:"freebsd,omitempty"` - // End of modification - - // Modification by Samuel Karp - /* - // Linux is platform-specific configuration for Linux based containers. - Linux *Linux `json:"linux,omitempty" platform:"linux"` - // Solaris is platform-specific configuration for Solaris based containers. - Solaris *Solaris `json:"solaris,omitempty" platform:"solaris"` - // Windows is platform-specific configuration for Windows based containers. - Windows *Windows `json:"windows,omitempty" platform:"windows"` - // VM specifies configuration for virtual-machine-based containers. - VM *VM `json:"vm,omitempty" platform:"vm"` - */ - // End of modification -} - -// Modification by Samuel Karp -/* -Omitted type definitions for: -LinuxCapabilities -Box -User -*/ -// End of modification - -// Process contains information to start a specific application inside the container. -type Process struct { - // Terminal creates an interactive terminal for the container. - Terminal bool `json:"terminal,omitempty"` - // Modification by Samuel Karp - /* - // ConsoleSize specifies the size of the console. - ConsoleSize *Box `json:"consoleSize,omitempty"` - // User specifies user information for the process. - User User `json:"user"` - */ - // End of modification - - // Args specifies the binary and arguments for the application to execute. - Args []string `json:"args,omitempty"` - - // Modification by Samuel Karp - /* - // CommandLine specifies the full command line for the application to execute on Windows. - CommandLine string `json:"commandLine,omitempty" platform:"windows"` - */ - - // Env populates the process environment for the process. - Env []string `json:"env,omitempty"` - - // Modification by Samuel Karp` - /* - // Cwd is the current working directory for the process and must be - // relative to the container's root. - Cwd string `json:"cwd"` - // Capabilities are Linux capabilities that are kept for the process. - Capabilities *LinuxCapabilities `json:"capabilities,omitempty" platform:"linux"` - // Rlimits specifies rlimit options to apply to the process. - Rlimits []POSIXRlimit `json:"rlimits,omitempty" platform:"linux,solaris"` - // NoNewPrivileges controls whether additional privileges could be gained by processes in the container. - NoNewPrivileges bool `json:"noNewPrivileges,omitempty" platform:"linux"` - // ApparmorProfile specifies the apparmor profile for the container. - ApparmorProfile string `json:"apparmorProfile,omitempty" platform:"linux"` - // Specify an oom_score_adj for the container. - OOMScoreAdj *int `json:"oomScoreAdj,omitempty" platform:"linux"` - // SelinuxLabel specifies the selinux context that the container process is run as. - SelinuxLabel string `json:"selinuxLabel,omitempty" platform:"linux"` - */ - // End of modification -} - -// Root contains information about the container's root filesystem on the host. -type Root struct { - // Path is the absolute path to the container's root filesystem. - Path string `json:"path"` - - // Modification by Samuel Karp - /* - // Readonly makes the root filesystem for the container readonly before the process is executed. - Readonly bool `json:"readonly,omitempty"` - */ - // End of modification -} - -// Mount specifies a mount for a container. -type Mount struct { - // Destination is the absolute path where the mount will be placed in the container. - Destination string `json:"destination"` - // Type specifies the mount kind. - Type string `json:"type,omitempty" platform:"linux,solaris"` - // Source specifies the source path of the mount. - Source string `json:"source,omitempty"` - // Options are fstab style mount options. - Options []string `json:"options,omitempty"` -} - -// Hook specifies a command that is run at a particular event in the lifecycle of a container -type Hook struct { - Path string `json:"path"` - Args []string `json:"args,omitempty"` - Env []string `json:"env,omitempty"` - Timeout *int `json:"timeout,omitempty"` -} - -// Hooks specifies a command that is run in the container at a particular event in the lifecycle of a container -// Hooks for container setup and teardown -type Hooks struct { - // Modification by Artem Khramov - /* - // Prestart is Deprecated. Prestart is a list of hooks to be run before the container process is executed. - // It is called in the Runtime Namespace - Prestart []Hook `json:"prestart,omitempty"` - */ - // End of modification - // CreateRuntime is a list of hooks to be run after the container has been created but before pivot_root or any equivalent operation has been called - // It is called in the Runtime Namespace - CreateRuntime []Hook `json:"createRuntime,omitempty"` - // Modification by Artem Khramov - /* - // CreateContainer is a list of hooks to be run after the container has been created but before pivot_root or any equivalent operation has been called - // It is called in the Container Namespace - CreateContainer []Hook `json:"createContainer,omitempty"` - // StartContainer is a list of hooks to be run after the start operation is called but before the container process is started - // It is called in the Container Namespace - StartContainer []Hook `json:"startContainer,omitempty"` - // Poststart is a list of hooks to be run after the container process is started. - // It is called in the Runtime Namespace - Poststart []Hook `json:"poststart,omitempty"` - */ - // End of modification - // Poststop is a list of hooks to be run after the container process exits. - // It is called in the Runtime Namespace - Poststop []Hook `json:"poststop,omitempty"` -} - -// Modification by Samuel Karp - // FreeBSD specifies FreeBSD-specific configuration options type FreeBSD struct { Network *FreeBSDNetwork `json:"network,omitempty"` @@ -232,57 +61,3 @@ const ( ) type FreeBSDVNetMode string - -// End of modification - -// Modification by Samuel Karp -/* -Omitted type definitions for: -Linux -LinuxNamespace -LinuxNamespaceType -LinuxIDMapping -POSIXRlimit -LinuxHugepageLimit -LinuxInterfacePriority -linuxBlockIODevice -LinuxWeightDevice -LinuxThrottleDevice -LinuxBlockIO -LinuxMemory -LinuxCPU -LinuxPids -LinuxNetwork -LinuxRdma -LinuxResources -LinuxDevice -LinuxDeviceCgroup -LinuxPersonalityDomain -LinuxPersonalityFlag -LinuxPersonality -Solaris -SolarisCappedCPU -SolarisCappedMemory -SolarisAnet -Windows -WindowsDevice -WindowsResources -WindowsMemoryResources -WindowsCPUResources -WindowsStorageResources -WindowsNetwork -WindowsHyperV -VM -VMHypervisor -VMKernel -VMImage -LinuxSeccomp -Arch -LinuxSeccompFlag -LinuxSeccompAction -LinuxSeccompOperator -LinuxSeccompArg -LinuxSyscall -LinuxIntelRdt -*/ -// End of modification diff --git a/test/integration/inside_test.go b/test/integration/inside_test.go index 35f3bbd..8cccda0 100644 --- a/test/integration/inside_test.go +++ b/test/integration/inside_test.go @@ -48,7 +48,9 @@ func TestLocalhostHTTPHello(t *testing.T) { requestURL := fmt.Sprintf("http://127.0.0.1:%s/hello", port) resp, err := http.Get(requestURL) assert.NoError(t, err, "failed to get from %q", requestURL) - defer resp.Body.Close() + if err == nil { + defer resp.Body.Close() + } body, err := io.ReadAll(resp.Body) assert.NoError(t, err, "failed to read body") fmt.Println(string(body)) diff --git a/test/integration/integ_hooks_test.go b/test/integration/integ_hooks_test.go index 3e1a816..da8aecf 100644 --- a/test/integration/integ_hooks_test.go +++ b/test/integration/integ_hooks_test.go @@ -9,8 +9,8 @@ import ( "testing" "time" + runtimespec "github.com/opencontainers/runtime-spec/specs-go" "github.com/stretchr/testify/assert" - "go.sbk.wtf/runj/runtimespec" ) func TestHooks(t *testing.T) { diff --git a/test/integration/integ_main_test.go b/test/integration/integ_main_test.go index 0c20cfe..c8abd6d 100644 --- a/test/integration/integ_main_test.go +++ b/test/integration/integ_main_test.go @@ -15,14 +15,13 @@ import ( "testing" "time" + "github.com/cheggaaa/pb/v3" + runtimespec "github.com/opencontainers/runtime-spec/specs-go" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "go.sbk.wtf/runj/internal/util" - "go.sbk.wtf/runj/runtimespec" - - "github.com/cheggaaa/pb/v3" - "go.sbk.wtf/runj/demo" + "go.sbk.wtf/runj/internal/util" + "go.sbk.wtf/runj/jail" ) const ( @@ -183,13 +182,13 @@ func runExitingJail(t *testing.T, id string, spec runtimespec.Spec, wait time.Du if err != nil { return nil, nil, err } - defer func() { - if err == nil { + t.Cleanup(func() { + if err == nil && !t.Failed() { os.RemoveAll(bundleDir) } else { - t.Log("preserving tempdir due to error", bundleDir, err) + t.Log("preserving tempdir due to error or failed", bundleDir, err, t.Failed()) } - }() + }) rootDir := filepath.Join(bundleDir, "root") err = os.MkdirAll(rootDir, 0755) if err != nil { @@ -233,6 +232,15 @@ func runExitingJail(t *testing.T, id string, spec runtimespec.Spec, wait time.Du } defer func() { + // copy jail conf + c := jail.ConfPath(id) + conf, err := os.Open(c) + if err == nil { + out, _ := os.OpenFile(filepath.Join(bundleDir, "jail.conf"), os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0o666) + io.Copy(out, conf) + t.Log("copied jail.conf") + } + // remove jail cmd = exec.Command("runj", "delete", id) cmd.Stdin = nil outBytes, cleanupErr := cmd.CombinedOutput() diff --git a/test/integration/integ_net_test.go b/test/integration/integ_net_test.go index 2004a6f..fe2c2e2 100644 --- a/test/integration/integ_net_test.go +++ b/test/integration/integ_net_test.go @@ -16,9 +16,9 @@ import ( "testing" "time" + runtimespec "github.com/opencontainers/runtime-spec/specs-go" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "go.sbk.wtf/runj/runtimespec" ) func TestHostIPv4Network(t *testing.T) { @@ -50,9 +50,8 @@ func TestHostIPv4Network(t *testing.T) { t.Cleanup(func() { server.Shutdown(context.Background()) }) spec.FreeBSD = &runtimespec.FreeBSD{ - Network: &runtimespec.FreeBSDNetwork{ - IPv4: &runtimespec.FreeBSDIPv4{ - Mode: "inherit"}, + Jail: &runtimespec.FreeBSDJail{ + Ip4: runtimespec.FreeBSDShareInherit, }, } spec.Process = &runtimespec.Process{ @@ -105,10 +104,10 @@ func TestVNetBridge(t *testing.T) { }, } spec.FreeBSD = &runtimespec.FreeBSD{ - Network: &runtimespec.FreeBSDNetwork{VNet: &runtimespec.FreeBSDVNet{ - Mode: "new", - Interfaces: []string{epairB}, - }}, + Jail: &runtimespec.FreeBSDJail{ + Vnet: runtimespec.FreeBSDShareNew, + VnetInterfaces: []string{epairB}, + }, } stdout, stderr, err := runExitingJail(t, "integ-test-vnet-bridge", spec, 30*time.Second) diff --git a/test/integration/integ_test.go b/test/integration/integ_test.go index d11cf60..da29a08 100644 --- a/test/integration/integ_test.go +++ b/test/integration/integ_test.go @@ -14,8 +14,7 @@ import ( "testing" "time" - "go.sbk.wtf/runj/runtimespec" - + runtimespec "github.com/opencontainers/runtime-spec/specs-go" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) @@ -57,11 +56,9 @@ func TestCreateDelete(t *testing.T) { { Process: &runtimespec.Process{}, FreeBSD: &runtimespec.FreeBSD{ - Network: &runtimespec.FreeBSDNetwork{ - IPv4: &runtimespec.FreeBSDIPv4{ - Mode: runtimespec.FreeBSDIPv4ModeNew, - Addr: []string{"127.0.0.2"}, - }, + Jail: &runtimespec.FreeBSDJail{ + Ip4: runtimespec.FreeBSDShareNew, + Ip4Addr: []string{"127.0.0.2"}, }, }, }, @@ -69,10 +66,8 @@ func TestCreateDelete(t *testing.T) { { Process: &runtimespec.Process{}, FreeBSD: &runtimespec.FreeBSD{ - Network: &runtimespec.FreeBSDNetwork{ - VNet: &runtimespec.FreeBSDVNet{ - Mode: runtimespec.FreeBSDVNetModeNew, - }, + Jail: &runtimespec.FreeBSDJail{ + Vnet: runtimespec.FreeBSDShareNew, }, }, },